diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7ce53da..6440095 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -37,6 +37,8 @@ lint: - releases - tags +# This is an implicit gitlab stage, with the build.env variables used by either +# other stages or auxiliarry scripts. get_version: stage: .pre script: @@ -56,8 +58,12 @@ get_version: .rootfs: stage: rootfs + parallel: + matrix: + - GROUP: [base, base-devel] before_script: - - pacman -Syu --noconfirm make devtools fakechroot fakeroot + - pacman -Syu --noconfirm make fakechroot fakeroot + - pacman -Sdd --noconfirm devtools script: - make $PWD/output/Dockerfile.$GROUP artifacts: @@ -72,9 +78,6 @@ rootfs: - releases - schedules - tags - parallel: - matrix: - - GROUP: [base, base-devel] rootfs:secure: extends: .rootfs @@ -87,12 +90,12 @@ rootfs:secure: except: - tags - releases - parallel: - matrix: - - GROUP: [base, base-devel] .image: stage: image + parallel: + matrix: + - GROUP: [base, base-devel] tags: - vm before_script: @@ -111,9 +114,6 @@ image:build: - releases - schedules - tags - parallel: - matrix: - - GROUP: [base, base-devel] before_script: - pacman -Syu --noconfirm podman - podman login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY" @@ -128,9 +128,6 @@ image:build:secure: - schedules except: - tags - parallel: - matrix: - - GROUP: [base, base-devel] before_script: - pacman -Syu --noconfirm podman - podman login -u "$GITLAB_PROJECT_USER" -p "$GITLAB_PROJECT_TOKEN" "$CI_REGISTRY" @@ -146,9 +143,6 @@ image:publish:secure: - vm only: - tags - parallel: - matrix: - - GROUP: [base, base-devel] before_script: - pacman -Syu --noconfirm podman - podman login -u "$DOCKERHUB_USERNAME" -p "$DOCKERHUB_ACCESS_TOKEN" "docker.io" diff --git a/Makefile b/Makefile index 83c3210..38c8e37 100644 --- a/Makefile +++ b/Makefile @@ -10,9 +10,11 @@ define rootfs install -Dm644 /usr/share/devtools/pacman.conf.d/extra.conf $(BUILDDIR)/etc/pacman.conf cat pacman-conf.d-noextract.conf >> $(BUILDDIR)/etc/pacman.conf + sed 's/Include = /&rootfs/g' < $(BUILDDIR)/etc/pacman.conf > pacman.conf + fakechroot -- fakeroot -- pacman -Sy -r $(BUILDDIR) \ --noconfirm --dbpath $(BUILDDIR)/var/lib/pacman \ - --config $(BUILDDIR)/etc/pacman.conf \ + --config pacman.conf \ --noscriptlet \ --hookdir $(BUILDDIR)/alpm-hooks/usr/share/libalpm/hooks/ $(2) @@ -66,10 +68,10 @@ $(OUTPUTDIR)/Dockerfile.base-devel: $(OUTPUTDIR)/base-devel.tar.zst # The following is for local builds only, it is not used by the CI/CD pipeline -.PHONY: oci-image-base +.PHONY: image-base image-base: $(OUTPUTDIR)/Dockerfile.base ${OCITOOL} build -f $(OUTPUTDIR)/Dockerfile.base -t archlinux/archlinux:base $(OUTPUTDIR) -.PHONY: oci-image-base-devel +.PHONY: image-base-devel image-base-devel: $(OUTPUTDIR)/Dockerfile.base-devel ${OCITOOL} build -f $(OUTPUTDIR)/Dockerfile.base-devel -t archlinux/archlinux:base-devel $(OUTPUTDIR) diff --git a/README.md b/README.md index baf03f2..aaf6ce6 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,25 @@ # Arch Linux OCI Images -[![pipeline status](https://gitlab.archlinux.org/archlinux/archlinux-docker/badges/master/pipeline.svg)](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/commits/master) +[![pipeline status][pipeline]][commits] Arch Linux provides OCI-Compliant container images in multiple repositories: -* [Weekly in the official DockerHub library](https://hub.docker.com/_/archlinux): `podman pull docker.io/library/archlinux:latest` or `docker pull archlinux:latest` -* [Daily in our DockerHub repository](https://hub.docker.com/r/archlinux/archlinux): `podman pull docker.io/archlinux/archlinux:latest` or `docker pull archlinux/archlinux:latest` -* [Daily in our quay.io repository](https://quay.io/repository/archlinux/archlinux): `podman pull quay.io/archlinux/archlinux:latest` or `docker pull quay.io/archlinux/archlinux:latest` -* [Daily in our ghcr.io repository](https://github.com/archlinux/archlinux-docker/pkgs/container/archlinux): `podman pull ghcr.io/archlinux/archlinux:latest` or `docker pull ghcr.io/archlinux/archlinux:latest` +* [Weekly in the official DockerHub library][hub-arch]: +`podman pull docker.io/library/archlinux:latest` or `docker pull archlinux:latest` +* [Daily in our DockerHub repository][hub-containers]: +`podman pull docker.io/archlinux/archlinux:latest` or `docker pull archlinux/archlinux:latest` +* [Daily in our quay.io repository][quay-containers]: +`podman pull quay.io/archlinux/archlinux:latest` or `docker pull quay.io/archlinux/archlinux:latest` +* [Daily in our ghcr.io repository][ghcr-containers]: +`podman pull ghcr.io/archlinux/archlinux:latest` or `docker pull ghcr.io/archlinux/archlinux:latest` -Two versions of the image are provided: `base` (approx. 150 MiB) and `base-devel` (approx. 260 MiB), containing the respective meta package. Both are available as tags with `latest` pointing to `base`. Additionally, images are tagged with their date and build job number, f.e. `base-devel-20201118.0.9436`. +Two versions of the image are provided: `base` (approx. 150 MiB) and `base-devel` +(approx. 260 MiB), containing the respective meta package. Both are available as +tags with `latest` pointing to `base`. Additionally, images are tagged with their +date and build job number, f.e. `base-devel-20201118.0.9436`. -While the images are regularly kept up to date it is strongly recommended running `pacman -Syu` right after starting a container due to the rolling release nature of Arch Linux. +While the images are regularly kept up to date it is strongly recommended +running `pacman -Syu` right after starting a container due to the rolling +release nature of Arch Linux. ## Principles * Provide the Arch experience in a Docker image @@ -29,34 +38,64 @@ While the images are regularly kept up to date it is strongly recommended runnin ## Building your own image -[This repository](https://gitlab.archlinux.org/archlinux/archlinux-docker) contains all scripts and files needed to create an OCI image for Arch Linux. +[This repository][self] contains all scripts and files needed to create an OCI +image for Arch Linux. ### Dependencies Install the following Arch Linux packages: * make * devtools -* docker +* podman * fakechroot * fakeroot Make sure your user can directly interact with Podman (i.e. `podman info` works). ### Usage -Run `make oci-image-base` to build the `archlinux:base` image with the -`base` meta package installed. You can also run `make oci-image-base-devel` to -build the image `archlinux:base-devel` which additionally has the `base-devel` group installed. +Run `make image-base` to build the `archlinux:base` image with the `base` meta +package installed. You can also run `make image-base-devel` to build the image +`archlinux:base-devel` which additionally has the `base-devel` group installed. ## Pipeline ### Daily releases -Daily images are build with scheduled [GitLab CI](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/blob/master/.gitlab-ci.yml) using our own runner infrastructure. Initially root filesystem archives are constructed and provided in our [package registry](https://gitlab.archlinux.org/archlinux/archlinux-docker/-/packages). The released multi-stage Dockerfile downloads those archives and verifies their integrity before unpacking it into an OCI image layer. Images are built using [podman](https://podman.io/), which also publishes them to our external repositories. +Daily images are build with scheduled [GitLab CI][in-tree-CI] using our own +runner infrastructure. Initially root filesystem archives are constructed and +provided in our [package registry][self-package-registry]. The released +multi-stage Dockerfile downloads those archives and verifies their integrity +before unpacking it into an OCI image layer. Images are built using +[podman](https://podman.io/), which also publishes them to our external +repositories. ### Weekly releases -Weekly releases to the official DockerHub library use the same pipeline as daily builds. Updates are provided as automatic [pull requests](https://github.com/docker-library/official-images/pulls?q=is%3Apr+archlinux+is%3Aclosed+author%3Aarchlinux-github) to the [official-images library](https://github.com/docker-library/official-images/blob/master/library/archlinux), whose GitHub pipeline will build the images using our provided rootfs archives and Dockerfiles. +Weekly releases to the official DockerHub library use the same pipeline as +daily builds. Updates are provided as automatic [pull requests][github-docker-prs] +to the [official-images library][github-docker-arch], whose GitHub pipeline will +build the images using our provided rootfs archives and Dockerfiles. ### Development -Changes in Git feature branches are built and tested using the pipeline as well. Development images are uploaded to our [GitLab Container Registry](https://gitlab.archlinux.org/archlinux/archlinux-docker/container_registry). +Changes in Git feature branches are built and tested using the pipeline as well. +Development images are uploaded to our +[GitLab Container Registry][self-container-registry]. + +[pipeline]: https://gitlab.archlinux.org/archlinux/archlinux-docker/badges/master/pipeline.svg +[commits]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/commits/master + +[hub-arch]: https://hub.docker.com/_/archlinux +[hub-containers]: https://hub.docker.com/r/archlinux/archlinux +[quay-containers]: https://quay.io/repository/archlinux/archlinux +[ghcr-containers]: https://github.com/archlinux/archlinux-docker/pkgs/container/archlinux + +[self]: https://gitlab.archlinux.org/archlinux/archlinux-docker + +[in-tree-CI]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/blob/master/.gitlab-ci.yml +[self-package-registry]: https://gitlab.archlinux.org/archlinux/archlinux-docker/-/packages + +[github-docker-prs]: https://github.com/docker-library/official-images/pulls?q=is%3Apr+archlinux+is%3Aclosed+author%3Aarchlinux-github +[github-docker-arch]: https://github.com/docker-library/official-images/blob/master/library/archlinux + +[self-container-registry]: https://gitlab.archlinux.org/archlinux/archlinux-docker/container_registry